/*
 * Copyright 2017 Groupon, Inc
 * Copyright 2017 The Billing Project, LLC
 *
 * The Billing Project licenses this file to you under the Apache License, version 2.0
 * (the "License"); you may not use this file except in compliance with the
 * License.  You may obtain a copy of the License at:
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
 * License for the specific language governing permissions and limitations
 * under the License.
 */

package org.killbill.billing.server.security;

import org.apache.shiro.session.Session;
import org.apache.shiro.session.mgt.SessionContext;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;

public class KillBillWebSessionManager extends DefaultWebSessionManager {

    @Override
    protected Session newSessionInstance(final SessionContext context) {
        final Session session = super.newSessionInstance(context);

        // DefaultWebSessionManager will call applyGlobalSessionTimeout() in
        // start() below instead, which in turn calls onChange() and triggers a DAO UPDATE call
        session.setTimeout(getGlobalSessionTimeout());

        return session;
    }

    @Override
    public Session start(final SessionContext context) {
        final Session session = createSession(context);

        // See above
        //applyGlobalSessionTimeout(session);

        onStart(session, context);
        notifyStart(session);
        return createExposedSession(session, context);
    }
}
